Tanne v0.6.17 contains a remote format string vulnerability in logger() which can lead to arbitrary code execution as root. for Linux/x86 which has been tested against Redhat 6.1, 7.0, and 8.0. Tanne is a secure http session management tool sometimes used in online banking.
424ca1d3a400348bfeb0aab16cccbba84c3baac6882c426080179f6f88b31fb4